[Snort-users] OT- Can anyone recommend a log parser for cisco?

James Hoagland jim at ...47...
Thu Apr 10 07:09:11 EDT 2003


At 5:10 PM -0400 4/9/03, David Gianndrea wrote:
>It has become painfully apparent that I need some sort
>of log parser for syslog messages. I'm looking for
>an open source log manager / reporter that will help me
>do a better job of watching messages coming from our
>firewall without having to spend weeks learning
>to tweak it. Maybe with a web front end, something
>along the lines of Acid would be cool!
>
>Anybody know of one?

You could write an input module for SnortSnarf and present your 
messages in its browsable HTML output (which is along the lines of 
Acid).  Suggest use of Parse::Syslog from CPAN to aid in parsing the 
file.

Hope this helps,

   Jim
-- 
|*     Jim Hoagland, Associate Researcher, Silicon Defense     *|
|*    --- Silicon Defense: The Cyberwar Defense Company ---    *|
|*   jim at ...47..., http://www.silicondefense.com/    *|
|*  Voice: (530) 756-7317                 Fax: (530) 756-7297  *|



